Help
RSS
API
Feed
Maltego
Contact
Domain > nou2.ddos-live.five-host.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2026-01-05
93.115.101.8
(
ClassC
)
Port 80
HTTP/1.1 202 AcceptedServer: TengineDate: Mon, 05 Jan 2026 20:59:55 GMTContent-Type: text/htmlContent-Length: 3309Connection: keep-aliveKeep-Alive: timeout15Expires: Thu, 01 Jan 1970 00:00:01 GMTCache-Control: no-cache html> head> meta charsetutf-8> meta http-equivCache-Control contentno-store, no-cache, must-revalidate> meta http-equivPragma contentno-cache> /head> body> script typetext/javascript src/min.js>/script> script> function toNumbers(d){var e;d.replace(/(..)/g,function(x){e.push(parseInt(x,16));});return e;} function toHex(){var d(arguments.length1&&arguments0.constructorArray)?arguments0:arguments,e;for(var f0;fd.length;f++)e+(16>df?0:)+df.toString(16);return e.toLowerCase();} (async function () { try { var atoNumbers(abcdef0123456789abcdef0123456789), btoNumbers(789abcdef0123456789abcdef0123456), ctoNumbers(9dfda883f326d181e9fd806fba8c13d6); function del(name){ var base name + ; Max-Age0; path/; SameSiteLax; document.cookie base; document.cookie base + ; Secure; } del(AntiDDoS); del(AntiDDoS_POW); del(AntiDDoS_B); if (window.crypto && crypto.subtle && window.TextEncoder) { var enc new TextEncoder(); async function sha256Hex(str){ var buf await crypto.subtle.digest(SHA-256, enc.encode(str)); return Array.from(new Uint8Array(buf)).map(function(b){return b.toString(16).padStart(2,0);}).join(); } async function tinyPoW(challenge,difficulty,timeBudgetMs){ var prefix Array(difficulty+1).join(0); var nonce0, t0performance.now(); for(;;){ var h await sha256Hex(challenge+:+nonce); if(h.indexOf(prefix)0) return {ok:true,nonce:nonce,h:h}; nonce++; if((nonce&0x7ff)0){ if(performance.now()-t0>timeBudgetMs) return {ok:false}; await new Promise(function(r){setTimeout(r,0);}); } } } var ua navigator.userAgent||; var rnd Math.random().toString(36).slice(2); var challenge ua+|+rnd; var difficulty 3; var budgetMs 300; var r await tinyPoW(challenge, difficulty, budgetMs); if (r.ok) { document.cookieAntiDDoS_POW+encodeURIComponent(r.nonce+.+r.h)+; Max-Age900; path/; SameSiteLax; } } var tokenHex toHex(slowAES.decrypt(c,2,a,b)); var bucket 202601052245; document.cookieAntiDDoS + tokenHex + ; Max-Age900; path/; SameSiteLax; document.cookieAntiDDoS_B + bucket + ; Max-Age900; path/; SameSiteLax; location.hrefhttp://nou2.ddos-live.five-host.com/; } catch(e) { location.hrefhttp://nou2.ddos-live.five-host.com/; } })(); /script> /body> /html>
Port 443
HTTP/1.1 202 AcceptedServer: TengineDate: Mon, 05 Jan 2026 20:59:56 GMTContent-Type: text/htmlContent-Length: 3436Connection: keep-aliveKeep-Alive: timeout15Expires: Thu, 01 Jan 1970 00:00:01 GMTCache-Control: no-cache html> head> meta charsetutf-8> meta http-equivCache-Control contentno-store, no-cache, must-revalidate> meta http-equivPragma contentno-cache> /head> body> script typetext/javascript src/min.js>/script> script> function toNumbers(d){var e;d.replace(/(..)/g,function(x){e.push(parseInt(x,16));});return e;} function toHex(){var d(arguments.length1&&arguments0.constructorArray)?arguments0:arguments,e;for(var f0;fd.length;f++)e+(16>df?0:)+df.toString(16);return e.toLowerCase();} (async function () { try { var atoNumbers(abcdef0123456789abcdef0123456789), btoNumbers(789abcdef0123456789abcdef0123456), ctoNumbers(05af103302504c9876aa9d83578428b1); var isHttps (location.protocolhttps:); function del(name){ var base name + ; Max-Age0; path/; SameSiteLax; document.cookie base; if (isHttps) document.cookie base+; Secure; } del(AntiDDoS); del(AntiDDoS_POW); del(AntiDDoS_B); if (window.crypto && crypto.subtle && window.TextEncoder) { var enc new TextEncoder(); async function sha256Hex(str){ var buf await crypto.subtle.digest(SHA-256, enc.encode(str)); return Array.from(new Uint8Array(buf)).map(function(b){return b.toString(16).padStart(2,0);}).join(); } async function tinyPoW(challenge,difficulty,timeBudgetMs){ var prefix Array(difficulty+1).join(0); var nonce0, t0performance.now(); for(;;){ var h await sha256Hex(challenge+:+nonce); if(h.indexOf(prefix)0) return {ok:true,nonce:nonce,h:h}; nonce++; if((nonce&0x7ff)0){ if(performance.now()-t0>timeBudgetMs) return {ok:false}; await new Promise(function(r){setTimeout(r,0);}); } } } var ua navigator.userAgent||; var rnd Math.random().toString(36).slice(2); var challenge ua+|+rnd; var difficulty 3; var budgetMs 300; var r await tinyPoW(challenge, difficulty, budgetMs); if (r.ok) { document.cookieAntiDDoS_POW+encodeURIComponent(r.nonce+.+r.h)+; Max-Age900; path/; SameSiteLax; var tokenHex toHex(slowAES.decrypt(c,2,a,b)); var bucket 202601052245; document.cookieAntiDDoS + tokenHex + ; Max-Age900; path/; SameSiteLax; document.cookieAntiDDoS_B + bucket + ; Max-Age900; path/; SameSiteLax; } } location.hrefhttps://nou2.ddos-live.five-host.com/; } catch(e) { location.hrefhttps://nou2.ddos-live.five-host.com/; } })(); /script> /body> /html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]